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Claims 

[ci] A method for securing a transaction initiated witli a 

proximity integrated circuit (PIC) transaction device com- 
prising: 

a. selecting an application data with the highest priority 
from amongst the plurality of applications stored on a 
PIC transaction device database, the selected application 
data being supported by the PIC transaction device and a 
PIC transaction device reader, the application data in- 
cluding a list of process functions to perform and a list 
of transaction issuer predetermined transaction process- 
ing rules; 

b. authenticating the PIC transaction device using Offline 
Data Authentication (ODA); 

c. determining multiple merchant risk management fac- 
tors using at least one of the plurality of application 
data; 

d. determining multiple issuer risk management factors 
using at least one of the plurality of application data; and 

e. determining the transaction disposition of a transac- 
tion request, the transaction request disposition detail- 
ing 

whether to process a transaction for authorization of- 



fline, authorization online, no autliorization offline, the 
determination the transaction request disposition being 
performed by analyzing at least one of the results of 
ODA, the list of transaction issuer predetermined trans- 
action processing rules, the merchant risk management 
factors, and a set of merchant predetermined transaction 
processing rules. 

[c2] A method of claim 1, comprising authenticating the plu- 
rality of PIC application data offline. 

[c3] A method of claim 1, comprising authorizing the trans- 
action request online. 

[c4] A method of claim 1, comprising authorizing the trans- 
action request offline. 

[c5] A method of claim 4, comprising authenticating the 
transaction device issuer online. 

[c6] A method of claim 5, comprising authorizing the trans- 
action request by requesting a second application data 
from the plurality of application data. 

[c7] A method of claim 5, comprising receiving a response to 
a request for transaction device issuer authentication 
online, using the response to the request for authoriza- 
tion of the transaction device issuer to determine the 



disposition of tlie transaction request. 

A method for authorizing a transaction initiated with a 
proximity integrated circuit (PIC) transaction device com- 
prising: 

a. receiving at a merchant system a plurality of applica- 
tion data from the PIC transaction device; 

b. selecting a transaction processing application from 
the plurality of application data by the merchant system, 
the transaction processing application being supported 
by the PIC transaction device and the merchant system; 

c. receiving at the merchant system of a list of functions 
from the PIC transaction device, the list of functions be- 
ing supported by the merchant system and the PIC 
transaction device, the list of functions corresponding to 
the transaction processing application supported by the 
PIC transaction device and the merchant system; 

d. receiving at a merchant system a dataset for use with 
processing the list of functions, the dataset being pro- 
vided by the PIC transaction device; 

e. authenticating the PIC transaction device at the mer- 
chant system, the merchant system authenticating the 
PIC transaction device offline; 

f. authenticating of a merchant transaction request at the 
merchant system, the merchant system producing an 
first offline authentication result t in accordance with 



merchant risk management analysis; 

g. receiving at tlie mercliant system a list of PIC transac- 
tion device management rules from the PIC transaction 
device; 

h. determining a first disposition of a transaction request 
at the merchant system, the determination of the dispo- 
sition of the transaction request being done in accor- 
dance with an analysis by the merchant system of the 
first offline authentication result, the merchant risk 
management analysis, PIC transaction device manage- 
ment rules, and a result of a merchant risk management 
analysis, the transaction request being one of an action 
to approve the transaction request offline, seeking ap- 
proving for the transaction request online, declining the 
transaction request offline; and 

i. receiving of a first cryptogram application at the mer- 
chant system, the first cryptogram application being re- 
ceived in response to a 1st application request provided 
from the merchant system to the PIC transaction device, 
the first cryptogram being one of a transaction certificate 
(TC) to indicate that the transaction request may be 
completed online, an application request cryptogram 
(ARQC) to indicate that the transaction is to be com- 
pleted online, an application authentication cryptogram 
(AAC) to indicate that the transaction request is to be 
declined. 



[c9] A method of claim 8, comprising transmitting of tlie first 
cryptogram application, a portion of a dataset used to 
generate the first cryptogram, and the first offline au- 
thentication result to a PIC transaction device issuer for 
online authorization. 

[cio] A method of claim 9, comprising validating the first 

cryptogram to authenticate the PIC transaction device at 
a PIC transaction device issuer, the PIC transaction device 
issuer providing an issuer authorization response to the 
merchant system. 

[cii] A method of claim 10, comprising authorizing the trans- 
action request in accordance with the issuer authoriza- 
tion response. 

[ci2] A method according to claim 9, comprising authorizing 
the transaction request at the merchant system when the 
cryptogram is not authenticated by a PIC transaction de- 
vice issuer. 

[ci3] A method of claim 12, comprising receiving a second 

cryptogram application at the merchant system, the sec- 
ond cryptogram application being provided by the PIC 
transaction device in response to a second cryptogram 
application request from the merchant system. 



[ci4] A method of claim 13, comprising autliorizing a transac- 
tion by the merchant system when no second cryp- 
togram application is received. 

[ci5] A system for securing a transaction initiated with a prox- 
imity integrated circuit (PIC) transaction device, compris- 
ing: 

a. a PIC transaction device including a PIC transaction 
device database, the database storing a plurality of cryp- 
togram applications, a plurality of issuer predetermine 
transaction processing rules, a issuer defined dataset for 
use in performing an issuer defined risk management 
analysis, and plurality of transaction disposition cryp- 
tograms; and 

b. a merchant system in communication with the PIC 
transaction device, the merchant system comprising a 
merchant system database, the merchant system 
database storing a merchant system risk management 
application, a command dataset for use in communicat- 
ing with said PIC transaction device and a PIC transaction 
device issuer. 

[ci6] A system of claim 15, wherein said PIC transaction device 
is operable to provide said plurality of cryptogram appli- 
cations, said plurality of issuer predetermine transaction 
processing rules, said issuer defined dataset for use in 
performing an issuer defined risk management analysis. 



and said plurality of transaction disposition cryptograms 
in response to said command dataset. 

[ci7] A system of claim 15, wherein said merchant system is 
operable to generate a merchant transaction disposition 
in accordance with a merchant risk management analysis 
performed by said merchant risk management applica- 
tion. 

[ci8] A system of claim 17, wherein said merchant system is 
operable to authenticate said PIC transaction device in 
response to receipt of at least one of said PIC transaction 
device cryptogram applications, said plurality of issuer 
predetermine transaction processing rules, said issuer 
defined dataset for use in performing an issuer defined 
risk management analysis, and said plurality of transac- 
tion disposition cryptograms, and said merchant risk 
management analysis. 

[ci9] A system of claim 18, wherein said merchant system is 
operable to authorize said transaction request in re- 
sponse to receipt of at least one of said PIC transaction 
device cryptogram applications, said plurality of issuer 
predetermine transaction processing rules, said issuer 
defined dataset for use in performing an issuer defined 
risk management analysis, an issuer provided authenti- 
cation cryptogram, and said plurality of transaction dis- 



position cryptograms, and said mercliant risic manage- 
ment analysis. 

[c20] A system of claim 18, wherein said wherein said mer- 
chant system is operable to authorize said transaction 
request in response to receipt of at least one of said PIC 
transaction device cryptogram applications, said plurality 
of issuer predetermine transaction processing rules, said 
issuer defined dataset for use in performing an issuer 
defined risk management analysis, and said plurality of 
transaction disposition cryptograms, and said merchant 
risk management analysis, and a second transaction de- 
vice cryptogram application. 



